Toshiba announced this weekend that a web server run by its US sales subsidiary had been hacked, and the email addresses, telephone numbers and passwords of hundreds of customers had been compromised.
The Japanese electronics firm said that the server was run by Toshiba America Information Systems Inc., and held personal data relating to 7,520 customers. Fortunately, according to the firm, the personal information exposed did not include any credit card data.
Nevertheless, you don’t want your email address and password falling into hands of malicious hackers.
Not only could cybercriminals “try out” your passwords to see if they unlock any of your other online accounts (too many people use the same password on multiple websites), but they could also target you with attacks pretending to come from Toshiba.
After all, you have a business relationship with Toshiba – so you would be less suspicious of opening an email or clicking on a link which appeared to have been sent by them. Especially if some clever social engineering made the email appear particularly enticing.
A Toshiba spokesperson told the Wall Street Journal, that the Toshiba subsidiary’s IT staff first noticed a problem with the web server on July 11th, and confirmed on July 13th that it had been hacked.
"We will continue the investigation and intend to thoroughly protect customers' information and manage (related computer) systems to prevent a recurrence."
All customers potentially affected by the hack are said to have been informed of the problem by the firm.
If you run a website it’s essential to ensure it is as secure as possible from hacker attacks.
If you haven’t already done so, read this informative paper by SophosLabs, “Securing websites”, which covers some of the issues.
One comment on “Toshiba website hacked – email addresses and passwords exposed”
Like Sony looking out for customers?. Game over guys if my info got taken it's already too late, too late for sony too, pulled my details from their network the second their WELCOME BACK campaign was started. Does Toshiba know how they got in? companies should have to file a detailed report when they get hacked, a report that states what was done' if the hack was using a known exploit, ports, data downloaded and ip addresses, these reports should be checked to see if the hack/exploit was preventable and the company held responsable for customer losses if it is found that it was. I am sick to death of companies like sony turning around and yelling hackers hackers hackers, when if my data was taken its their fault, YOU WOULD NEVER SEE A BANK TURN AROUND LOSE MILLIONS OF PEOPLES PERSONAL INFORMATION/ACCOUNTS AND SAY "OH NO IT'S THOSE HACKERS…IT'S NOT OUR FAULT" Companies that lose customers details should be treated like a bank that just lost your life savings….screw them.